With increasing connectivity and more and more of our lives are shared online, there is an abundance of data going around the internet. In fact, over 90% of the world’s data was generated in the last two years. With easy access to high-speed internet and the abundance of free services, more and more of our personal information is going to the cloud.
This abundance of data is not only relegated to social network platforms anymore. Digital marketers have easy access to this information as well. Through lead forms, surveys and signing up to promos, it’s easier now more than ever to gather data from our current and prospective customers and use it to strengthen our campaigns.
With access to all this data we can capture from a large amount of people, what sort of responsibilities do marketers have?
Data Privacy in the Philippines
In the Philippines specifically, government has taken steps to ensure that data is protected and the data subjects are given rights.This is reflected on Republic Act 10173, also known as the Data Privacy Act of 2012.
So why is it so significant now, years after the law has been signed? This is due to the recent formation of the National Privacy Commission in 2016. The NPC is tasked with administering and implementing the Data Privacy Act of 2012.
Key Data Privacy Rights
Given the Data Privacy law, it’s important for marketers to take note of the rights of the people they acquire personal data from.
There are a total of 7 key rights that summarize the Data Privacy Act for the Philippines.
The Right to be Informed
The foundation for the Data Privacy law is consent. Which means the willingness of data subjects to hand over their data. Data can be accessed and used by marketers so long as users give their permission to do so.
The Right to Object
The Right to Access and Data Portability
Once someone has given you their consent to use their personal data, they also have the right to access it. These data subjects must have reasonable access to the data they have given. Access should be easy as well as “data portable” meaning their personal data can be electronically stored and copied at anytime.
One big repository of personal data exists on social media platforms. Popular platforms such as Facebook have options and provisions for you to download your personal data. Even new platforms such as Tinder allows you to retrieve your personal data, provided you ask for it.
The Right to Rectify
Access to their collected personal data entitles the data subject to correct any mistakes or misrepresentation.
The Right to Erasure or Blocking
Consent means permission but data subjects also have the right to withdraw their consent at anytime. This can be addressed through unsubscription to email services for example, or by directly emailing the company’s Data Protection Officer.
The Right to Damages and to file a Complaint with the NPC
At the extreme end of the spectrum, if damages are done to the data subject, he has the right to file for damages as well as escalate matters with the National Privacy Commission.
How does this affect my campaigns?
If your campaign doesn’t involve capturing personal data from people, you don’t need to worry about the Data Privacy Act. However, if it does, all you need to do is follow proper compliance.
Compliance with the Data Privacy Act is quite easy. At the most basic level of compliance, there are 2 key things to note when running a campaign where you collect personal data.
- Provide an easy way for them to opt out of sharing their personal data. Example: A unsubscribe link in your SMS or EDM
Dragland, A. (2013, May 22). Big Data, for better or worse. Retrieved From: https://www.sciencedaily.com/releases/2013/05/130522085217.htm
Duportail, J. (2017, Sept 26). I asked Tinder for my data. It sent me 800 pages of my deepest, darkest secrets. Retrieved From: https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold